Release Notes for Tomcat7

Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages (JSP) technologies. It is a web server not limited to serving up static web pages, but can also generate dynamic results in response to user requests by executing Java servlets and rendering web pages.

Version: 7.0.109-0120

(2021-12-07)

What's New

  1. Updated to version 7.0.109.

Fixed Issue

  1. Fixed multiple security vulnerabilities (CVE-2021-30640, CVE-2021-25329).
  2. Minor bug fixes.

Version: 7.0.107-0118

(2021-02-23)

Important Note

  1. This update is expected to be available in all regions within the next few days. The actual time of release may vary slightly depending on regions.

What's New

  1. Updated to version 7.0.107.

Fixed Issues

  1. Fixed multiple security vulnerabilities (CVE-2020-13935, CVE-2020-17569, CVE-2020-9484, CVE-2020-0221, CVE-2020-17563, CVE-2020-1935, CVE-2020-1938).

Version: 7.0.104-0116

(2020-06-09)

What's new

  1. Updated to version 7.0.104.

Fixed issues

  1. Fixed a security vulnerability (CVE-2020-9484).

Version: 7.0.92-0115

(2019-01-03)
  1. Fixed a security vulnerability regarding Tomcat 7 (CVE-2018-11784).

Version: 7.0.90-0114

(2018-08-29)
  1. Fixed multiple security vulnerabilities regarding Tomcat (CVE-2018-1336, CVE-2018-8034).

Version: 7.0.82-0113

(2017-10-12)
  1. Upgraded to version 7.0.82 to address multiple vulnerabilities (CVE-2016-8745, CVE-2017-5664, CVE-2017-5647, CVE-2017-5648, CVE-2017-12615, CVE-2017-12616 and CVE-2017-12617).

Version: 7.0.73-0110

(2017-01-04)
  1. Upgraded to 7.0.73.

Version: 7.0.72-0109

(2016-11-02)
  1. Default pages such as homepage, document, or example are no longer installed to enhance security.
  2. Added log rotation mechanism.
  3. Upgraded to version 7.0.72 to address multiple vulnerabilities (CVE-2016-1240, CVE-2016-5388).

Version: 7.0.69-0106

(2016-06-06)
  1. Upgraded to version 7.0.69.

Version: 7.0.62-0102

(2016-03-03)
  1. Upgraded to be compatible with DSM 6.0.

Version: 7.0.62-0101

(2016-01-21)
  1. Tomcat7 now depends on Java 7 package.
  2. Fixed a bug where the package could not be disabled.

Version: 7.0.109-0120

(2021-12-07)

What's New

  1. Updated to version 7.0.109.

Fixed Issue

  1. Fixed multiple security vulnerabilities (CVE-2021-30640, CVE-2021-25329).
  2. Minor bug fixes.

Version: 7.0.107-0118

(2021-02-23)

Important Note

  1. This update is expected to be available in all regions within the next few days. The actual time of release may vary slightly depending on regions.

What's New

  1. Updated to version 7.0.107.

Fixed Issues

  1. Fixed multiple security vulnerabilities (CVE-2020-13935, CVE-2020-17569, CVE-2020-9484, CVE-2020-0221, CVE-2020-17563, CVE-2020-1935, CVE-2020-1938).

Version: 7.0.104-0116

(2020-06-09)

What's new

  1. Updated to version 7.0.104.

Fixed issues

  1. Fixed a security vulnerability (CVE-2020-9484).

Version: 7.0.92-0115

(2019-01-03)
  1. Fixed a security vulnerability regarding Tomcat 7 (CVE-2018-11784).

Version: 7.0.90-0114

(2018-08-29)
  1. Fixed multiple security vulnerabilities regarding Tomcat (CVE-2018-1336, CVE-2018-8034).

Version: 7.0.82-0113

(2017-10-12)
  1. Upgraded to version 7.0.82 to address multiple vulnerabilities (CVE-2016-8745, CVE-2017-5664, CVE-2017-5647, CVE-2017-5648, CVE-2017-12615, CVE-2017-12616 and CVE-2017-12617).

Version: 7.0.73-0110

(2017-01-04)
  1. Upgraded to 7.0.73.

Version: 7.0.72-0109

(2016-11-02)
  1. Default pages such as homepage, document, or example are no longer installed to enhance security.
  2. Added log rotation mechanism.
  3. Upgraded to version 7.0.72 to address multiple vulnerabilities (CVE-2016-1240, CVE-2016-5388).

Version: 7.0.69-0106

(2016-06-06)
  1. Upgraded to version 7.0.69.

Version: 7.0.62-0102

(2016-03-03)
  1. Upgraded to be compatible with DSM 6.0.

Version: 7.0.62-0101

(2016-01-21)
  1. Tomcat7 now depends on Java 7 package.
  2. Fixed a bug where the package could not be disabled.

Version: 7.0.62-0014

(2015-12-10)
  1. Supports more platforms.

Version: 7.0.62-0011

(2015-07-01)
  1. Upgraded to 7.0.62 to address one security vulnerability (CVE-2014-7810).

Version: 7.0.57-0009

(2015-05-12)
  1. Upgraded Tomcat to 7.0.57.

Version: 7.0.54-0006

(2014-11-26)
  1. Added support for x10-series and x15-series models.

Version: 7.0.54-0005

(2014-09-23)
  1. Certified by Synology Trust Level.

Version: 7.0.54-0004

(2014-08-04)

Fixed Issues

  1. Updated to version 7.0.54 to address multiple security vulnerabilities including leveraging a weakness to bypass security-manager restrictions and read arbitrary files (CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119).

Version: 7.0.52-0001

(2014-04-29)

What's New

  1. Initial release.

Limitation & Known Issues

  1. Tomcat 7 is not backward compatible with Tomcat 6. Please refer to the Tomcat 7 migration guide on the official site for details.